auto-save 2026-04-19 21:39 (+1, ~2)

images/base/patch-venv.sh

@@ -0,0 +1,46 @@
+#!/bin/bash
+# 补丁:给 sandbox 用户预建 venv,env 由 orchestrator 的 incus.ts 每次 exec 时传入。
+set -euo pipefail
+
+PROJECT="lobe-sandbox"
+BUILDER="sb-patch"
+IMAGE="lobe-sandbox-base"
+log() { echo "==> [$(date +%H:%M:%S)] $*"; }
+
+incus info "$BUILDER" --project "$PROJECT" >/dev/null 2>&1 && \
+  incus delete "$BUILDER" --project "$PROJECT" --force
+
+log "Launch"
+incus init "$IMAGE" "$BUILDER" --project "$PROJECT" -p sandbox-default
+incus start "$BUILDER" --project "$PROJECT"
+sleep 3
+
+log "Create /home/sandbox/.venv"
+incus exec "$BUILDER" --project "$PROJECT" --user 1000 -- \
+  uv venv /home/sandbox/.venv --seed --quiet
+
+log "Sanity: install requests via env-injected VIRTUAL_ENV"
+incus exec "$BUILDER" --project "$PROJECT" \
+  --user 1000 \
+  --env VIRTUAL_ENV=/home/sandbox/.venv \
+  --env 'PATH=/home/sandbox/.venv/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' \
+  --env HOME=/home/sandbox \
+  -- bash -c '
+  uv pip install --quiet requests
+  python3 -c "import requests; print(\"requests\", requests.__version__, \"OK\")"
+'
+
+log "Cleanup cache"
+incus exec "$BUILDER" --project "$PROJECT" --user 1000 -- \
+  bash -c "rm -rf /home/sandbox/.cache/uv"
+incus exec "$BUILDER" --project "$PROJECT" -- bash -c "rm -rf /root/.cache /tmp/* /var/tmp/*"
+
+log "Stop + publish"
+incus stop "$BUILDER" --project "$PROJECT"
+incus image delete "$IMAGE" --project "$PROJECT" || true
+incus publish "$BUILDER" --project "$PROJECT" --alias "$IMAGE"
+
+log "Cleanup"
+incus delete "$BUILDER" --project "$PROJECT"
+incus image list --project "$PROJECT"
+log "DONE"